Front page | perl.perl5.porters |
Postings from September 2011
Smoke-derived patch #3, this time a fix for an improper propagation of
tainting via PL_statname and $ARGV. These are are actually fixes for old
code, which used to see tainting as a second-class type of magic which would
not always be invoked.
diff --git doio.c doio.c
index ea38f01..50cae26 100644
--- doio.c
+++ doio.c
@@ -740,6 +740,7 @@ Perl_nextargv(pTHX_ register GV *gv)
STRLEN oldlen;
sv = av_shift(GvAV(gv));
SAVEFREESV(sv);
+ SvTAINTED_off(GvSVn(gv)); /* previous tainting irrelevant */
sv_setsv(GvSVn(gv),sv);
SvSETMAGIC(GvSV(gv));
PL_oldname = SvPVx(GvSV(gv), oldlen);
diff --git pp_hot.c pp_hot.c
index 8f25cf0..5dd6991 100644
--- pp_hot.c
+++ pp_hot.c
@@ -1560,6 +1560,7 @@ Perl_do_readline(pTHX)
if (av_len(GvAVn(PL_last_in_gv)) < 0) {
IoFLAGS(io) &= ~IOf_START;
do_open(PL_last_in_gv,"-",1,FALSE,O_RDONLY,0,NULL);
+ SvTAINTED_off(GvSVn(PL_last_in_gv)); /* previous
tainting irrelevant */
sv_setpvs(GvSVn(PL_last_in_gv), "-");
SvSETMAGIC(GvSV(PL_last_in_gv));
fp = IoIFP(io);
diff --git pp_sys.c pp_sys.c
index a6949a9..f77bbe2 100644
--- pp_sys.c
+++ pp_sys.c
@@ -2810,6 +2810,7 @@ PP(pp_stat)
goto do_fstat_have_io;
}
+ SvTAINTED_off(PL_statname); /* previous tainting irrelevant */
sv_setpv(PL_statname, SvPV_nolen_const(sv));
PL_statgv = NULL;
PL_laststype = PL_op->op_type;
Thread Previous
|
Thread Next